This is such a fun and insightful piece. Unfortunately, the people who really need to read it never will.
This is such a fun and insightful piece. Unfortunately, the people who really need to read it never will.
I get notifications for calls (obviously), SMS messages (of which I receive an average of 1 per month) and IMs from my immediate family. Everything else I check up on when I actually feel like I have the time for it. This has dramatically reduced the number of emails and other things I forget to reply to/act on, because I see them when I want to and when I have the time to actually deal with them; not when some random notification pops up when I’m doing something else, gets half-noticed and swiped away because I’ll deal with it later.
The headline is supposedly CISA urging users to either update or delete Chrome — it’s not Chrome/Google itself. However, I’m having trouble finding the actual CISA alert. It’s not linked in the article as far as I can tell.
Fair enough, and thanks for the offer. I found a demo on YouTube. It does indeed look a lot more reasonable than having an LLM actually write the code.
I’m one of the people that don’t use IntelliSense, so it’s probably not for me, but I can definitely see why people find that particular implementation useful. Thanks for catching and correcting my misunderstanding. :)
I’m closing in on 30 years too, started just around '95, and I have yet to see an LLM spit out anything useful that I would actually feel comfortable committing to a project. Usually you end up having to spend as much time—if not more—double-checking and correcting the LLM’s output as you would writing the code yourself. (Full disclosure: I haven’t tried Copilot, so it’s possible that it’s different from Bard/Gemini, ChatGPT and what-have-you, but I’d be surprised if it was that different.)
Here’s a good example of how an LLM doesn’t really understand code in context and thus finds a “bug” that’s literally mitigated in the line before the one where it spots the potential bug: https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/ (see “Exhibit B”, which links to: https://hackerone.com/reports/2298307, which is the actual HackerOne report).
LLMs don’t understand code. It’s literally your “helpful”, non-programmer friend—on stereoids—cobbling together bits and pieces from searches on SO, Reddit, DevShed, etc. and hoping the answer will make you impressed with him. Reading the study from TFA (https://dl.acm.org/doi/pdf/10.1145/3613904.3642596, §§5.1-5.2 in particular) only cements this position further for me.
And that’s not even touching upon the other issues (like copyright, licensing, etc.) with LLM-generated code that led to NetBSD simply forbidding it in their commit guidelines: https://mastodon.sdf.org/@netbsd/112446618914747900
Edit: Spelling
I wouldn’t trust an LLM to produce any kind of programming answer. If you’re skilled enough to know it’s wrong, then you should do it yourself, if you’re not, then you shouldn’t be using it.
I’ve seen plenty of examples of specific, clear, simple prompts that an LLM absolutely butchered by using libraries, functions, classes, and APIs that don’t exist. Likewise with code analysis where it invented bugs that literally did not exist in the actual code.
LLMs don’t have a holistic understanding of anything—they’re your non-programming, but over-confident, friend that’s trying to convey the results of a Google search on low-level memory management in C++.
Nowhere does he say that he doesn’t believe in Wunterslash, so I’m cool with him.
Couldn’t you just program it to start (and stop) at a given time, or make a note of how long it says on the display that it’ll take?
It seems (to me) like a very, very minor improvement for a huge cost, namely that your washing machine is on your network and is internet connected.
It’s not Mozilla’s CEO that’s doing anything shady here, it’s a partner company, OneRep.
Edit: And Mozilla is breaking up with OneRep because of it. (Just in case someone had missed that part.)
That makes sense, thanks. I wasn’t sure whether they included animals in the goal.
After reading the article, I’m confused about how it works. Guinea worms are parasites that you get infected with from bad water sources. Unless you eradicate the source (e.g. the worms themselves), can you really say that you’ve eradicated the disease? Even if we go a decade without any human contracting it, it’s no harder for someone to contract it by drinking contaminated water than it is today. It’s not like a viral disease, that simply stops existing if infection numbers drop to 0 for a while.
That being said, it’s great that numbers are as low as they are. Education and better water infrastructure is helping.
Yes, either that or “I haven’t thought this through well enough that I can explain it in writing, so please let me fumble through an oral explanation and—in all likelihood—waste your time”.
Or, “I’m dyslectic and would prefer to talk rather than write”, which is fair enough, I think.
It’s voluntarily broadcasting it, because YOU told it to broadcast it.
Yes, and that’s not the issue as I’ve been saying the entire time. The issue is that you have a right to know where it’s broadcast — both in the past and in the present. That’s what I’ve been saying the entire time. And the privacy policy needs to specify exactly what data is sent and where to. The privacy policy you cited did neither, it just stated that it was sent out.
I am interested in discussion but I prefer to discuss things based on facts rather than feelings.
Email isn’t exempt from the GDPR. If an email provider is doing anything with your email except for delivering it to the intended recipient, then you have a right to know under the GDPR. Plenty of hefty fines have been handed out over failing to sufficiently inform about such things: https://www.enforcementtracker.com/ (look for e.g. art. 12 violations). Even something as simple as SMTP logs contain PII according to the GDPR and should be handled as such.
You voluntarily sending an email, with whatever content you decide to put there, to a recipient of your choosing, is in absolutely no way the same as clicking a vote button and involuntarily having your vote and username broadcast to whoever cares to listen without your prior knowledge and consent. Yes, emails travel through a bunch of MTAs underway — that’s a prerequisite for email to work. And no, broadcasting Lemmy votes along with usernames is in no way a prerequisite for voting to work.
It doesn’t matter if you post your +1 via lemmy or via email.
It absolutely does. When sending an email, you fill in the recipient and decide where your data goes, but when you press ‘upvote’ on Lemmy, you don’t have a say in who that information is broadcast to — especially not in its current form. And it’s on whoever runs the Lemmy server to comply with the GDPR and make data processors known. It really doesn’t matter how similar you think it is to email, the GDPR treats it differently and that’s the reality you have to accept.
Your argument could easily be extended to every piece of information floating across the internet. No one is forcing anyone to upload an image to Facebook, but Meta is still responsible for documenting who handles the image and for what purposes, they can’t just say, “you uploaded it, we let 3rd parties have their way with it”.
And I’ve also worked with the GDPR, both as a developer implementing systems to accommodate requests for data insight and erasure, and implementing controls to make sure data was being handled correctly and e.g. not stored for longer than allowed, and I’ve worked with it from a security perspective in order to protect the personal data of about a couple of million people, and finally I’ve worked with it in management to implement safe and GDPR compliant data handling strategies in a couple of companies.
Still not a good example because I’m still in control of what I choose to send and whether or not I choose to send it at all. I can’t choose whether or not Lemmy broadcasts my username in conjunction with my votes to whoever may be listening, but I can choose not to send an email to a mailing list stating who I am and how I vote on Lemmy posts.
Organizations handling EU citizens’ data are required to abide by the GDPR and I can assure you that Gmail and others do that, they were among the first scrutinized when the GDPR went into effect. Just because I can send any data via email, doesn’t mean that email providers can do whatever they want with the data. If an email provider processes the contents of your email in order to do targeted advertising, then they have to very clearly state that in their privacy policy.
This isn’t specifically aimed at you, @[email protected], but more of a general observation. Lots of people in this thread appear to be unfamiliar with the GDPR and how it works, and that’s completely fair — especially if you’re not from Europa and/or haven’t worked with it. I just wish they would actually check how it works instead of making assumptions. This is a good start: https://gdpr.eu/data-privacy/
Problem is that it’s not historical. If a server was defederated yesterday, it doesn’t appear in that list. And again, GDPR takes this stuff seriously, and “look at the bottom” is not sufficient. It needs to specify what data goes where.
I don’t think email is a good example because you’re in complete control of who you send an email to. However, I’m not in control of who Lemmy sends my voting data to (because I don’t control who a given instance is federated with), but GDPR grants me the right to know that.
if you want data deleted, you can do that, but you’ll have to send that request to every server you (or your instance on your behalf) sent it to.
According to the GDPR an “organization” has to specify exactly who processes the user’s data (i.e. every instance in a federation — past and present), and everyone that processes that data must make it easy to make data/deletion requests, to that’s hopefully baked into Lemmy from the get-go because otherwise someone is going to find themselves in the middle of a GDPR nightmare sooner rather than later. It’s not enough to say in the privacy policy that “user data spreads to federated instances” or something to that effect.
And given that usernames are connected to the votes, I’m pretty sure that it does not comply with the GDPR to just say that it “will place this interaction in the user’s outbox and immediately deliver it on the user’s behalf to all”.
Edit: Added link.
I read every single word of it, twice, and I was laughing all the way through. I’m sorry you don’t like it, but it seems strange that you immediately assume that I haven’t read it just because I don’t agree with you.